cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-23359,https://securityvulnerability.io/vulnerability/CVE-2025-23359,Time-of-Check Time-of-Use Vulnerability in NVIDIA Container Toolkit for Linux,"The NVIDIA Container Toolkit for Linux is susceptible to a Time-of-Check Time-of-Use (TOCTOU) vulnerability, especially when operated under its default configuration. This flaw allows maliciously crafted container images to potentially access the host file system. Successful exploitation could result in various security issues, including unauthorized code execution, denial of service, elevated user privileges, and even sensitive data exposure or manipulation.",Nvidia,"Container Toolkit,Gpu Operator",8.3,HIGH,0.0004299999854993075,false,,true,false,true,2025-02-12T14:04:29.000Z,false,false,false,,2025-02-12T00:52:43.646Z,919
CVE-2024-0137,https://securityvulnerability.io/vulnerability/CVE-2024-0137,Improper Isolation Vulnerability in NVIDIA Container Toolkit,"The NVIDIA Container Toolkit exhibits an improper isolation vulnerability due to misconfigured container settings. When a specially crafted container image is introduced, it could allow untrusted code to execute within the host's network namespace. This vulnerability is particularly concerning when the toolkit is set up in non-standard configurations. Its exploitation may potentially result in denial of service and unauthorized escalation of privileges, impacting the overall security posture of the systems utilizing the toolkit.",Nvidia,"Nvidia Container Toolkit,Nvidia Gpu Operator",5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T03:10:36.813Z,0
CVE-2024-0136,https://securityvulnerability.io/vulnerability/CVE-2024-0136,Improper Isolation in NVIDIA Container Toolkit Leading to Host Device Access,"The NVIDIA Container Toolkit presents an improper isolation vulnerability that occurs due to its specific configuration. When configured in a non-default way, a specially crafted container image can exploit this flaw, potentially allowing untrusted code to gain read and write access to host devices. This could lead to serious impacts, including unauthorized code execution, denial of service, privilege escalation, information disclosure, and data tampering. Ensuring proper configuration is essential to mitigate risks associated with this vulnerability.",Nvidia,"Nvidia Container Toolkit,Nvidia Gpu Operator",7.6,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T03:09:53.568Z,0
CVE-2024-0135,https://securityvulnerability.io/vulnerability/CVE-2024-0135,Improper Isolation in NVIDIA Container Toolkit Exposes Host Binary to Risks,"The NVIDIA Container Toolkit exhibits an improper isolation vulnerability that can be exploited through specially crafted container images. This weakness may allow attackers to modify host binaries, potentially leading to a range of security risks including unauthorized code execution, denial of service, privilege escalation, information disclosure, and data tampering. Organizations leveraging the toolkit are urged to apply the latest updates to mitigate these threats.",Nvidia,"Nvidia Container Toolkit,Nvidia Gpu Operator",7.6,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T03:09:02.626Z,0
CVE-2024-0134,https://securityvulnerability.io/vulnerability/CVE-2024-0134,Unauthorized Files Creation Vulnerability Affects NVIDIA Container Toolkit and GPU Operator for Linux,NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name and location of the files cannot be controlled by an attacker. A successful exploit of this vulnerability might lead to data tampering.,Nvidia,"Nvidia Container Toolkit,Nvidia Gpu Operator",4.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-05T18:37:31.699Z,0
CVE-2024-0133,https://securityvulnerability.io/vulnerability/CVE-2024-0133,NVIDIA Container Toolkit Vulnerability Could Lead to Data Tampering,NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering.,Nvidia,"Container Toolkit,Gpu Operator",3.4,LOW,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-09-26T05:21:33.599Z,0
CVE-2024-0132,https://securityvulnerability.io/vulnerability/CVE-2024-0132,NVIDIA Container Toolkit Vulnerability Allows for File System Access,"The NVIDIA Container Toolkit versions up to 1.16.1 possess a Time-of-Check Time-of-Use (TOCTOU) vulnerability that arises when the tool is utilized with its default configurations. A specially crafted container image can exploit this vulnerability to gain unauthorized access to the host file system. This situation creates several security concerns, such as unauthorized code execution, potential denial of service, privilege escalation, and possibilities for information disclosure and data tampering. The vulnerability is mitigated when Container Device Interface (CDI) is implemented.",Nvidia,"Container Toolkit,Gpu Operator",8.3,HIGH,0.000910000002477318,false,,true,false,true,2024-09-26T22:42:46.000Z,,false,false,,2024-09-26T05:18:33.211Z,273